[Mimedefang] Fwd: Re: clamav vs clamd vs clamscan
chayes at afo.net
Mon Oct 13 17:01:57 EDT 2014
Per other comments I removed all traces of previous clam installs and
started over with binaries.
Got clamd running as root and mimedefang running as defang - no problem.
But I'd like to run clamd as clamav so I did your idea and added defang
to clamav as such: usermod -G defang clamav
So now clamd is a member of two groups: clamav and defang but I still
get the following error:
Oct 13 15:53:47 sendmail mimedefang.pl: s9DKrlSJ027472: Clamd
returned error: lstat() failed: Permission denied.
Oct 13 15:53:47 sendmail mimedefang.pl: s9DKrlSJ027472: Problem
running virus scanner: code=999, category=swerr, action=tempfail
Mon Oct 13 15:53:47 2014 -> WARNING: lstat() failed on:
On 10/9/2014 1:36 PM, Kees Theunissen wrote:
> On Thu, 9 Oct 2014, Kevin A. McGrail wrote:
>> On 10/9/2014 10:28 AM, Cliff Hayes wrote:
>>> Thanks to this list I am making progress :)
>>> Now clamd is failing due to this...
>>> Wed Oct 8 16:32:20 2014 -> WARNING: lstat() failed on:
>>> ...I'm assuming this is because the mimedefang working directory is owned by
>>> defang and clamd runs as clamav.
>>> I fixed by running clamd as root ... is this the preferred solution or is
>>> there a better way?
>> In general, you don't want daemons running as privileged users.
>> I run clamd as the same user as I run MD and that would be my recommendation as
> On my systems (debian) I run mimedefang as user "defang" and
> group "defang" while clamd is runing as user "clamav" and
> group "clamav". I made the "clamav" user a menber of the
> "defang" group so clamd can read the contents of subdirs
> below /var/spool/MIMEDefang with group rights.
> ~# id defang
> uid=108(defang) gid=110(defang) groups=110(defang)
> ~# id clamav
> uid=107(clamav) gid=109(clamav) groups=110(defang),109(clamav)
> Kees Theunissen.
More information about the MIMEDefang